<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<!--#include file="config.asp"-->
<!--#include file="admin/inc/FORMAT.asp"-->
<%
passWord = strreplace(request("passWord"))
userName = strreplace(request("userName"))
sqltext="select * from userInfo where userName = '"&userName&"' and passWord = '"&passWord&"'"
set rs = conn.execute(sqltext)
if not(rs.eof and rs.bof) then
	if rs("checked") = "1" then
		session("UserName") = rs("userName")
		session("UserID") = rs("ID")
		session("trade") = rs("trade")
		response.Redirect("default.asp")
	else
		response.Write("<script>alert('user unchecked,error');history.go(-1)</script>")
	end if
else
	response.Write("<script>alert('error!');history.go(-1)</script>")	
end if
%>